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IN THE CLAIMS 

Please cancel claims 1-16 without prejudice or disclaimer. 

This listing of claims will replace all prior versions, and listings, of claims in 
the application. 

Listing of Claims: 

Claims 1-16 (cancelled) 

Claim 17 (original) A method for providing user access to a portion of a web site 
implemented by an electronic commerce system, the web site being accessible by one 
or more users and comprising a set of on-line stores and a set of organizations, each 
of the said on-line stores being associated with one of the set of organizations, the 
method comprising the steps of: 

associating each user with a unique identity in the system; 

associating a user identity with one of a set of access roles for a security 
domain, the access role defining access privileges for the user corresponding to the 
user identity, the security domain comprising a subset of the set of organizations and 
the on-line stores associated with the organizations in the subset; and 

granting or denying access to a user attempting to access a portion of the web 
site by determining the user identity for the user and determining the access role 
associated with the user identity for the security domain corresponding to the portion 
of the web site subject to the access attempt. 

Claim 18 (original) The method of claim 17 in which the step of carrying out the 
determination of the access role associated with a user identity for a security domain 
occurs at user logon time. 

Claim 19 (original) The method of claim 17 in which the set of access roles 
comprises registered customer and administrator roles. 
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Claim 20 (original) The method of claim 17 in which the set of organizations is a tree 
structure, the step of associating a user identity with one of a set of access roles 
further comprises the step of associating the user identity with the access role for a 
selected one of the set of organizations, 

the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization, and 

the step of granting or denying access by determining the access role 
associated with the user identity for the security domain comprises determining the 
access role for the user identity by traversing the tree structure of organizations 
commencing at the selected organization and including the ancestor organizations to 
the selected organization. 

Claim 21 (original) The method of claim 18 in which 
the set of organizations is a tree structure, 

the step of associating a user identity with one of a set of access roles further 
comprises the step of associating the user identity with the access role for a selected 
one of the set of organizations, and 

the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization. 

Claim 22 (original) The method of claim 19 in which 
the set of organizations is a tree structure, 

the step of associating a user identity with one of a set of access roles further 
comprises the step of associating the user identity with the access role for a selected 
one of the set of organizations, and 

the security domain includes the selected organization and those organizations 
in the set that are descendants of the selected organization. 

Claim 23 (original) The method of claim 20 in which the step of associating a user 
identity with one of a set of accessible roles comprises entering data in a table 
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comprising rows comprising data representing user identity, organization, access role 
associations. 

Claim 24 (original) The method of claim 17 in which the step of providing user 
identities with associated access roles occurs at the time of user registration to the 
web site. 
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